Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow is adjusted compared to the one from the template to setup rust+cross | |
name: Build and publish app release | |
on: | |
release: | |
types: [published] | |
env: | |
PHP_VERSION: 8.1 | |
jobs: | |
build_and_publish: | |
runs-on: ubuntu-latest | |
# Only allowed to be run on nextcloud-releases repositories | |
if: ${{ github.repository_owner == 'nextcloud-releases' }} | |
steps: | |
### Adjustments start ### | |
- uses: cachix/install-nix-action@v20 | |
- uses: cachix/cachix-action@v12 | |
with: | |
name: notify-push | |
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
### Adjustments end ### | |
- name: Check actor permission | |
uses: skjnldsv/check-actor-permission@e591dbfe838300c007028e1219ca82cc26e8d7c5 # v2.1 | |
with: | |
require: write | |
- name: Set app env | |
run: | | |
# Split and keep last | |
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV | |
echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV | |
- name: Checkout | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
path: ${{ env.APP_NAME }} | |
### Adjustment start ### | |
fetch-depth: 0 | |
### Adjustment end ### | |
- name: Get appinfo data | |
id: appinfo | |
uses: skjnldsv/xpath-action@7e6a7c379d0e9abc8acaef43df403ab4fc4f770c # master | |
with: | |
filename: ${{ env.APP_NAME }}/appinfo/info.xml | |
expression: "//info//dependencies//nextcloud/@min-version" | |
- name: Read package.json node and npm engines version | |
uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 | |
id: versions | |
# Continue if no package.json | |
continue-on-error: true | |
with: | |
path: ${{ env.APP_NAME }} | |
fallbackNode: '^20' | |
fallbackNpm: '^9' | |
- name: Set up node ${{ steps.versions.outputs.nodeVersion }} | |
# Skip if no package.json | |
if: ${{ steps.versions.outputs.nodeVersion }} | |
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v3 | |
with: | |
node-version: ${{ steps.versions.outputs.nodeVersion }} | |
- name: Set up npm ${{ steps.versions.outputs.npmVersion }} | |
# Skip if no package.json | |
if: ${{ steps.versions.outputs.npmVersion }} | |
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" | |
- name: Set up php ${{ env.PHP_VERSION }} | |
uses: shivammathur/setup-php@81cd5ae0920b34eef300e1775313071038a53429 # v2 | |
with: | |
php-version: ${{ env.PHP_VERSION }} | |
coverage: none | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check composer.json | |
id: check_composer | |
uses: andstor/file-existence-action@20b4d2e596410855db8f9ca21e96fbe18e12930b # v2 | |
with: | |
files: "${{ env.APP_NAME }}/composer.json" | |
- name: Install composer dependencies | |
if: steps.check_composer.outputs.files_exists == 'true' | |
run: | | |
cd ${{ env.APP_NAME }} | |
composer install --no-dev | |
- name: Build ${{ env.APP_NAME }} | |
# Skip if no package.json | |
if: ${{ steps.versions.outputs.nodeVersion }} | |
env: | |
CYPRESS_INSTALL_BINARY: 0 | |
run: | | |
cd ${{ env.APP_NAME }} | |
npm ci | |
npm run build | |
- name: Check Krankerl config | |
id: krankerl | |
uses: andstor/file-existence-action@20b4d2e596410855db8f9ca21e96fbe18e12930b # v2 | |
with: | |
files: ${{ env.APP_NAME }}/krankerl.toml | |
- name: Install Krankerl | |
if: steps.krankerl.outputs.files_exists == 'true' | |
run: | | |
wget https://github.com/ChristophWurst/krankerl/releases/download/v0.14.0/krankerl_0.14.0_amd64.deb | |
sudo dpkg -i krankerl_0.14.0_amd64.deb | |
- name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl | |
if: steps.krankerl.outputs.files_exists == 'true' | |
run: | | |
cd ${{ env.APP_NAME }} | |
krankerl package | |
- name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with makefile | |
if: steps.krankerl.outputs.files_exists != 'true' | |
run: | | |
cd ${{ env.APP_NAME }} | |
make appstore | |
- name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} | |
continue-on-error: true | |
id: server-checkout | |
run: | | |
NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} | |
wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip | |
unzip latest-$NCVERSION.zip | |
- name: Checkout server master fallback | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
if: ${{ steps.server-checkout.outcome != 'success' }} | |
with: | |
submodules: true | |
repository: nextcloud/server | |
path: nextcloud | |
- name: Sign app | |
run: | | |
# Extracting release | |
cd ${{ env.APP_NAME }}/build/artifacts | |
tar -xvf ${{ env.APP_NAME }}.tar.gz | |
cd ../../../ | |
# Setting up keys | |
echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key | |
wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" | |
# Signing | |
php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }} | |
# Rebuilding archive | |
cd ${{ env.APP_NAME }}/build/artifacts | |
tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }} | |
- name: Attach tarball to github release | |
uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2 | |
id: attach_to_release | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz | |
asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz | |
tag: ${{ github.ref }} | |
overwrite: true | |
- name: Upload app to Nextcloud appstore | |
uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1 | |
with: | |
app_name: ${{ env.APP_NAME }} | |
appstore_token: ${{ secrets.APPSTORE_TOKEN }} | |
download_url: ${{ steps.attach_to_release.outputs.browser_download_url }} | |
app_private_key: ${{ secrets.APP_PRIVATE_KEY }} |